Metasploit installation and basic commands

Metasploit has an up to date collection of vulnerability exploits and allows a user to execute them automatically without the need of programming knowledge. It comes by default on Kali Linux. With metasploit any attacker with basic knowledge can compromise any computer or mobile device in relatively easy way. This can be used for knowledge of how to defend a linux system from hacking attacks.

Installing PostgreSQL

Metasploit depends on PostgreSQL for database connection, to install it on Debian/Ubuntu based systems run:

During the process you will be asked for a username or password, you can ignore the password, at the end you’ll see the username you assigned to the database, the password and token and below a URL https://localhost:5443/api/v1/auth/account , access it and login using the username and password.

To create the database and then run:

msfconsole

After launching metasploit type “db_status” to make sure the connection is working properly as shown in the image above.

Note: In case you find problems with the database, try the following commands:

Use the command set as in the image to define remote hosts (RHOSTS) , local hosts(LOCALHOSTS) and targets, each exploit and module has different information requirements.

Type exit to leave the program getting the terminal back.

Obviously the exploit won’t work because we are not targeting a vulnerable server, but that’s the way in which metasploit works to carry out an attack. By following the steps above you can understand how basic commands are used.

You can also merge Metasploit with vulnerability scanners such as OpenVas, Nessus, Nexpose and Nmap. Just export the resuts of these scanners as XML and on Metasploit type

db_import reporttoimport.XML

Type “hosts” and you’ll see the hosts of the report loaded into metasploit.

This tutorial was a first introduction to Metasploit console use and it’s basic commands. I hope you found it helpful to getting started with this potent software.

Keep following LinuxHint for more tips and updates on Linux.

About the author

Ivan Vanney

Ivan Vanney has over a decade working as sysadmin. He is s contributor on LinuxHint.com, and the founder of linuxer.info